For a while now the laptop has been very slow; I noticed an increase in the amount of memory used by some ordinary programs, such as Mozilla and games. Computer startup is also taking very long; I don't know if it's some virus, anyway. If you can help I'd be very grateful.
HijackThis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:28, on 01/04/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Paulo\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110808&tt=280812_2003_3512_7&babsrc=HP_ss&mntrId=eab1196700000000000090a4dee7fb6f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-21-1513193997-3538550247-1406820036-1006\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1513193997-3538550247-1406820036-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe--
End of file - 14597 bytes
@DigRam
--- ADW
*** [serviços] ***
*** [Arquivos/Pastas] ***
Arquivo Removido : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Arquivo Removido : C:\user.js
Pasta Removido : C:\Program Files (x86)\BabylonToolbar
Pasta Removido : C:\ProgramData\Ask
Pasta Removido : C:\ProgramData\Babylon
Pasta Removido : C:\Users\Paulo\AppData\Local\APN
Pasta Removido : C:\Users\Paulo\AppData\Roaming\Babylon
Pasta Removido : C:\Users\Paulo\AppData\Roaming\BabylonToolbar
Pasta Removido : C:\Users\Paulo\AppData\Roaming\pdfforge
Pasta Removido : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
*** [Registro] ***
Chave Removida : HKCU\Software\APN
Chave Removida : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Removida : HKCU\Software\Ask.com
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Removida : HKLM\Software\APN
Chave Removida : HKLM\Software\AskToolbar
Chave Removida : HKLM\Software\Babylon
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Removida : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Removida : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Removida : HKLM\SOFTWARE\Classes\Prod.cap
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Removida : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
*** [Navegadores] ***
-\\ Internet Explorer v9.0.8112.16470
Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110808&tt=280812_2003_3512_7&babsrc=HP_ss&mntrId=eab1196700000000000090a4dee7fb6f --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0.2 (pt-BR)
Arquivo : C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\g5nknbtt.default\prefs.js
Removida : user_pref("browser.search.defaultengine", "Ask.com");
Removida : user_pref("browser.search.defaultenginename", "Ask.com");
Removida : user_pref("browser.search.order.1", "Ask.com");
Removida : user_pref("extensions.asktb.ff-original-keyword-url", "");
Removida : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
-\\ Google Chrome v25.0.1364.172
Arquivo : C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Preferences
Removida [l.8] : homepage = "hxxp://search.babylon.com/?affID=110808&tt=280812_2003_3512_7&babsrc=HP_ss&mntrId[...]
Removida [l.12] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=110808&tt=280812_2003_351[...]
Removida [l.44] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Removida [l.47] : keyword = "babylon.com",
Removida [l.50] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=110808&tt=280812_2003_3512_7&b[...]
Removida [l.1529] : homepage = "hxxp://search.babylon.com/?affID=110808&tt=280812_2003_3512_7&babsrc=HP_ss&mntrId=ea[...]
Removida [l.1815] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=110808&tt=280812_2003_3512_7[...]
*************************
AdwCleaner[s1].txt - [338 octets] - [01/04/2013 19:37:29]
AdwCleaner[s2].txt - [5924 octets] - [01/04/2013 19:39:33]
########## EOF - C:\AdwCleaner[s2].txt - [5984 octets] ##########
--- ZHPDIAG
http://pjjoint.malekal.com/files.php?read=ZHPDiag_20130402_u11e11g14g85
Regards
Good morning, xterminow!
|- Download: JRT ( ... by Thisisu )
|- Save it to the desktop!
|- For Windows 7, right-click JRT.exe and run it as administrator.
|- Wait for it to finish and post the report. ( JRT.txt )
-/-
|- Close any programs/folders that are open.
|- Close the browser as well!
|- For Windows Vista, disable UAC.
|- For Windows Vista or 7, right-click ZHPFix.exe and run it as administrator.
|- Select and copy this information, which is in red, into Notepad.
[MD5.00000000000000000000000000000000] [APT] [EasyPartitionManager] (...) -- C:\Windows\MSetup\BA46-12225A02\EPM.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] => Toolbar.Ask
[MD5.CE755676AE6D27A1EFEEFB0F3C70A929] [sPRF][16/01/2013] (.Ask.com - AskStub Application.) -- C:\Users\Paulo\AppData\Local\Temp\APNStub.exe [358600]
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
O4 - HKCU\..\Run: [AdobeBridge] Orphean Key
O4 - GS\Desktop: ESEA Client.lnk . (...) -- C:\Program Files (x86)\ESEA\ESEA Client\eseaclient.exe (.not file.)
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars => PartyGaming PokerStars
O43 - CFD: 02/01/2013 - 09:17:47 - [119,980] ----D C:\Program Files (x86)\PokerStars => PartyGaming PokerStars
O43 - CFD: 06/08/2012 - 15:40:24 - [0] ----D C:\Users\Paulo\AppData\Local\Histórico
O43 - CFD: 28/03/2013 - 18:57:23 - [4,340] ----D C:\Users\Paulo\AppData\Local\PokerStars => PartyGaming PokerStars
O51 - MPSK:{47fb6ef8-5fd1-11e2-b634-90a4dee7fb6f}\AutoRun\command. (...) -- G:\iLinker.exe (.not file.)
O87 - FAEL: "{16A4EEA0-2456-4B83-8D21-7F124AA5D1E5}" |In - None - P17 - TRUE | .(...) -- C:\Users\Paulo\AppData\Local\Temp\7zS7700\setup\hpznui40.exe (.not file.)
[HKLM\Software\Wow6432Node\360Safe] => Infection Diverse (Lozavita.Troj)
hostfix
proxyfix
emptytemp
emptyclsid
emptyflash
firewallraz
sysrestore
|- With Notepad open, press the shortcuts: "Ctrl+A" -> "Ctrl+C"
|- Minimize Notepad.
|- Click the "Paste ClipBoard" menu.
|- Click "GO" -> Oui.
|- P.S.: Above there is a sequence of images for further clarification.
|- Post the report: C:\ZHP\ZHPFix[R1].txt
######
---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Paulo at 01/04/2013 20:08:38
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Identificador inválido.
kernel: error reading MBR
~ MBR: 9 Legitimates Scanned in 00mn 02s
######
|- The MBR information could not be accessed by the tool.
A+
Hi DigRam, as requested, here it is:
@JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.0 (04.02.2013:1)
OS: Windows 7 Home Premium x64
Ran by Paulo on 02/04/2013 at 21:58:17,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
~~~ Files
Successfully deleted: [File] "C:\windows\couponprinter.ocx"
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{036AAA1A-1AD0-4DBB-B1A3-874891386C3E}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{0EC455B6-050B-4064-9314-86E3524464CB}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{171DCC6B-823A-4E10-AE43-C4AC8A7BD82E}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{1758D0D8-D6E9-434B-B6F8-FA2F902228E0}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{1EC9DF56-3AD9-4D45-A75D-8A5C7AF1E21F}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{206B226E-44AB-4D1E-AD82-42308AEFD5F7}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{2A45174E-EDEE-4C48-91C5-65B727F41BFC}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{386394B3-4702-40A4-8599-1487DADCA9D8}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{4600347C-0E46-48B7-9C8A-910FE088B7A1}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{473FDA41-6355-4FF0-A186-C6FED035DA3A}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{489665FE-58D6-477D-B562-F33F8B05B86F}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{491B0CD2-5ED1-41A8-966C-F0A14FFBC434}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{492B330B-2D83-47E8-9B23-87F5E575E8C3}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{4B949C88-E45C-4CA1-B725-CDC98093D568}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{50D5033F-D390-4B6D-B500-4C2B4A916FCE}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{5D5BD590-221E-482F-944E-4251B3E6513F}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{5DEF0417-1A18-45F9-9C81-83AE037DAD92}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{6D921762-95CB-4D61-913A-0C7320D51A6E}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{70255B8A-8D70-4F93-9A73-54C7AE41A66D}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{7FA5F725-91FC-441C-9D4A-B803A82B5A30}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{895D0D78-B2F8-4873-8A8C-4CF920DF7D83}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{896D2C8A-BA6E-45C3-A639-426AD0349979}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{8D378AFE-B267-4BF6-8F26-FC89F1DDA424}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{92BBC578-0320-490E-8D2B-428C6CC3C58C}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{93DA1503-E4FD-4F45-B523-C78C214EA181}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{95EC6752-4810-41BD-AFCB-5E51DD47D12A}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{9C1C7287-6D53-4ABF-A904-EA84FB643BDE}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{A1618042-E40E-49A2-A32D-7670BE2B7BCB}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{ABD666BC-1813-4B5B-975F-BD381DB70F2E}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{B08B22C9-A2D3-4059-98E0-907879C6DF50}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{B234ADA6-2CA8-4241-AA15-9507D24C3AF2}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{B621185F-7E55-417B-BD5B-81B4029E7C91}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{BC7A3092-745F-46FA-9724-ECE16AC66783}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{C1F4CB9D-DD86-4C23-A0D1-BF9C98D6C32C}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{C9F5BF82-2757-412E-A4D2-70158C01B972}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{CA23A280-69FB-4D51-B79E-0F15945E7D68}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{CAC8A8BA-A8F3-4B0B-96E4-5584FF8AF5F1}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{D0E76B30-EDD1-491E-8709-6CA30C2B2D88}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{D9DAC147-5188-454E-BEBB-F36826834867}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{DCC5CDC2-BD4F-4812-9DEE-1D5F75B82B21}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{DDEDBC43-98BC-426C-B897-C0BDF800F372}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{DFB5DFD3-EEFA-447B-B771-53F58EC7AC7B}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{EB3DFBDD-0892-415C-BEBA-DCFFB0092554}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{EDE19DE2-2132-4675-A268-A37C74BB3A69}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{F3C5DB8C-1ABD-4AE1-8752-1E38D2EF8E2A}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{F5B7454A-43EF-47DE-BF99-072E5E032DF0}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{F66DBC55-6562-48B0-A8CA-07D677C1DA13}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{F91C5771-E417-4E54-B4FC-C06E50F4EE26}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{FB8E6D0A-BCA0-4BDE-AADB-41AADB3EC9AA}
Successfully deleted: [Empty Folder] C:\Users\Paulo\appdata\local\{FCA7146F-9EFA-4705-95C5-436026E94056}
~~~ FireFox
Emptied folder: C:\Users\Paulo\AppData\Roaming\mozilla\firefox\profiles\g5nknbtt.default\minidumps [188 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/04/2013 at 22:08:04,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ZHPFix
Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
Fichier d'export Registre :
Run by Paulo at 02/04/2013 22:16:02
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Recycle Files Deleted
========== Software ==========
NOT FOUND Software Key: PokerStars
========== Registry Key ==========
NOT FOUND CLSID MPSK: {47fb6ef8-5fd1-11e2-b634-90a4dee7fb6f}
NOT FOUND Key: HKLM\Software\Wow6432Node\360Safe
========== Registry Value ==========
NOT FOUND RunValue: AdobeBridge
NOT FOUND {16A4EEA0-2456-4B83-8D21-7F124AA5D1E5}
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
DELETED FirewallRaz (Domain) : NetPres-In-TCP-NoScope
DELETED FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
DELETED FirewallRaz (None) : NetPres-WSD-In-UDP
DELETED FirewallRaz (None) : NetPres-WSD-Out-UDP
DELETED FirewallRaz (Public) : NetPres-In-TCP
DELETED FirewallRaz (Public) : NetPres-Out-TCP
DELETED FirewallRaz (Public) : {515B589E-D18C-44B8-87A0-DC96F959E1F1}
DELETED FirewallRaz (Public) : {F13858F1-8579-4E63-999B-637471246673}
DELETED FirewallRaz (Private) : TCP Query User{B07C7250-EB8D-415C-BF46-F75BC5D774E0}C:\program files (x86)\mirc\mirc.exe
DELETED FirewallRaz (Private) : UDP Query User{A3C13B7F-EE5C-4194-BA3D-AE2D3A82CB23}C:\program files (x86)\mirc\mirc.exe
DELETED FirewallRaz (Public) : TCP Query User{5FA2AEEB-C6E3-49C9-AB48-2CB238B56862}C:\program files (x86)\mirc\mirc.exe
DELETED FirewallRaz (Public) : UDP Query User{FA10354C-89DB-4B78-92F9-4F5C774D4E67}C:\program files (x86)\mirc\mirc.exe
DELETED FirewallRaz (Private) : TCP Query User{044ECE9B-CD2F-4FC9-9342-CA7BB72723DF}C:\program files (x86)\samsung\pc auto backup\autobackup.exe
DELETED FirewallRaz (Private) : UDP Query User{A2ABA8A0-5C7A-4A60-B660-97B799928046}C:\program files (x86)\samsung\pc auto backup\autobackup.exe
DELETED FirewallRaz (Private) : {93CFE47C-C898-48DC-AE7A-658833449BCC}
DELETED FirewallRaz (Private) : {806138A8-80F2-46AF-8D5D-16B9C4479A43}
DELETED FirewallRaz (Private) : {CE55C5F9-5A81-434F-BD61-B9F6E12C1446}
DELETED FirewallRaz (Private) : {4971C0D7-C509-4569-9BCB-A308DB20FBE1}
DELETED FirewallRaz (Public) : {CE2B67BE-9506-434E-97CC-93696D2A62CB}
DELETED FirewallRaz (Public) : {42BB24EB-CEA8-471A-9DEC-BC8249DA98AD}
DELETED FirewallRaz (Public) : {A5E06B14-8F7C-46AF-B356-D0F2B046CE49}
DELETED FirewallRaz (Public) : {2822FB69-040A-4DD4-A5D5-7FCC86B36D3E}
DELETED FirewallRaz (Public) : TCP Query User{96C6E129-62CC-4BBB-91C6-AB12AD30B42B}C:\program files (x86)\samsung\pc auto backup\autobackup.exe
DELETED FirewallRaz (Public) : UDP Query User{89917DDB-A000-4FF4-B958-BEA44E07C37B}C:\program files (x86)\samsung\pc auto backup\autobackup.exe
========== Repertory ==========
No Empty CLSID Directories
DELETED Flash Cookies
========== File ==========
NOT FOUND Folder/File: c:\users\paulo\appdata\local\temp\apnstub.exe
NOT FOUND File: c:\users\paulo\desktop\esea client.lnk
NOT FOUND File: c:\program files (x86)\esea\esea client\eseaclient.exe
DELETED Window Temporary
DELETED Flash Cookies
========== Hosts file ==========
Hosts File not cleaned (Please Deactivate your Antivirus)
Hosts File not cleaned (Please Deactivate your Antivirus)
========== Task ==========
NOT FOUND Task: EasyPartitionManager
NOT FOUND Task: Scheduled Update for Ask Toolbar
========== Restoration ==========
Restore System Point created succefully
========== Summary ==========
2 : Registry Key
34 : Registry Value
2 : Repertory
5 : File
1 : Software
2 : Hosts file
2 : Task
1 : Restoration
End of clean in 00mn 20s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 02/04/2013 22:14:55 [1927]
C:\ZHP\ZHPFix[R2].txt - 02/04/2013 22:16:02 [3972]
Are the items in green in your post for your own future reference, or would I have to take some action?!
Good night!
Good morning, xterminow!
|- Download: MyHosts (http://sd-2.archive-host.com/membres/up/12765908573187185/MyHosts.exe) ( ... by Jeanmimigab )
|- Save it to the desktop!
|- Run the file MyHosts.exe, which is on the desktop.
|- For Windows Vista or 7, run it as administrator.
#######
Rapport MyHosts.txt
MyHosts V.1.0.0.2 de jeanmimigab
Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides
Résultat de l'opération:restauration du fichier hosts réussi...
Fin du rapport
#######
|- Post the report: C:\MyHosts.txt
> xterminow, on 06/02/2013, said:
> Are the items in green in your post for your own future reference, or do I need to take some action?!
|- In a way, it is to notify and/or remind me of this investigation.
-/-
|- Download: < http://public.avast.com/~gmerek/aswMBR.exe > ( ... by Przemyslaw Gmerek )
|- Save it to the desktop!
|- On Windows 7, I recommend running aswMBR.exe in Compatibility Mode. Right-click the file and select "Properties".
|- Click the "Compatibility" tab and choose Windows XP ( SP3 ).
|- Open the tool by double-clicking aswMBR.exe.
|- On Windows Vista or 7, right-click "aswMBR.exe" and run it as administrator.
|- Click "Yes" to update the tool with the latest Avast definitions.
|- Click "Scan" and, when it finishes, click "Save log".
|- Save it in a suitable location! <- Post this report!
|- Ps: The dump MBR.dat, which is a backup of the MBR, will be created on the desktop and should be kept.
A+
@MyHosts
The ".txt" that opens at the end is this:
Rapport MyHosts.txt
MyHosts V.1.0.0.2 de jeanmimigab
Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides
Résultat de l'opération:restauration du fichier hosts réussi...
Fin du rapport
On the program's screen it shows:
arquivo processado: C\windows\system32\drivers\etc\hotsts
Caminho não encontrado - C\windows\system32\drivers\etc
1 arquivo (s) movido (s).
1 arquivo (s) copiado (s).
Caminho não encontrado - C\windows\system32\drivers\etc
@aswMBR
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-03 19:14:17
-----------------------------
19:14:17.079 OS Version: Windows x64 5.1.2600 Service Pack 3
19:14:17.079 Number of processors: 4 586 0x2A07
19:14:17.080 ComputerName: PAULO-PC UserName: Paulo
19:14:18.159 Initialze error C0000034 - driver not loaded
19:14:26.338 AVAST engine defs: 13040301
19:14:33.649 Service scanning
19:14:35.679 Service aswKbd C:\windows\System32\Drivers\aswKbd.sys LOCKED
19:14:35.803 Service aswRdr C:\windows\System32\Drivers\aswrdr2.sys LOCKED
19:14:35.844 Service aswRvrt C:\windows\System32\Drivers\aswRvrt.sys LOCKED
19:14:35.998 Service aswSP C:\windows\System32\Drivers\aswSP.sys LOCKED
19:14:36.040 Service aswTdi C:\windows\System32\Drivers\aswTdi.sys LOCKED
19:14:36.089 Service aswVmm C:\windows\System32\Drivers\aswVmm.sys LOCKED
19:14:58.661 Modules scanning
19:14:58.665 Disk 0 trace - called modules:
19:14:58.667
19:14:59.301 AVAST engine scan C:\
20:37:48.184 Scan finished successfully
20:52:24.035 The log file has been saved successfully to "C:\Users\Paulo\Desktop\aswMBR.txt"
Good morning! xterminow
< C:\Users\Paulo\Desktop\aswMBR.txt <<
|- Locate and post aswMBR.txt.
-/-
|- Download: < JetClean 1.3.0 Final: http://majorgeeks.com/downloadget.php?id=7226&file=1&evp=41637a00edff17468e59cba2d9bcf6bf > ( ... by BlueSprig )
|- Save it in Program Files. ( jetclean-setup.exe )
|- Install the software and, on the "1-Click" tab, choose the "Registry Clean" option.
|- Go to "Scan Now" and choose: Shut down PC after Repair
< JetBoost: http://www.bluesprig.com/jetboost.html >
|- Next, try to improve performance with JetBoost.
A+
@DigRam
The file that aswMBR saved on the desktop is exactly the .txt I posted, nothing more. I can redo the procedure if necessary.
I carried out both actions, JetClean and JetBoost. In the first one, from what I saw before rebooting, it said that more than 1 GB had been cleaned. JetBoost showed a 40% boost.
Regards
Good afternoon! xterminow
|- Let's finish by removing the tools that were used.
-/-
|- Download: |DelFix: http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/9-delfix| ( ... by Xplode )
|- Once on the page, click the green arrow to download.
|- Save it in a convenient location! ( desktop! )
|- Close any applications that are open.
|- Run it!
|- With both checkboxes ticked!
|- Click "Run".
A+
~ Removing disinfection tools ...
Deleted : C:\JRT
Deleted : C:\MyHosts
Deleted : C:\ZHP
Deleted : C:\Program Files (x86)\ZHPDiag
Deleted : C:\AdwCleaner[s1].txt
Deleted : C:\AdwCleaner[s2].txt
Deleted : C:\MyHosts.txt
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\Users\Paulo\Desktop\adwcleaner.exe
Deleted : C:\Users\Paulo\Desktop\aswMBR.exe
Deleted : C:\Users\Paulo\Desktop\aswMBR.txt
Deleted : C:\Users\Paulo\Desktop\JRT.exe
Deleted : C:\Users\Paulo\Desktop\JRT.txt
Deleted : C:\Users\Paulo\Desktop\MyHosts.exe
Deleted : C:\Users\Paulo\Desktop\ZHPDiag.txt
Deleted : C:\Users\Paulo\Desktop\ZHPDiag2.exe
Deleted : C:\Users\Paulo\Desktop\ZHPFixReport.txt
Deleted : C:\Users\Public\Desktop\MBRCheck.lnk
Deleted : C:\Users\Public\Desktop\ZHPDiag.lnk
Deleted : C:\Users\Public\Desktop\ZHPFix.lnk
Deleted : C:\Users\Paulo\Downloads\HijackThis.exe
Deleted : C:\Users\Paulo\Downloads\hijackthis.log
Deleted : C:\Users\Paulo\Downloads\PCAutoBackup_setup.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
~ Cleaning system restore ...
Deleted : RP #164 [Windows Update | 03/12/2013 23:44:03]
Deleted : RP #165 [Windows Update | 03/13/2013 06:00:28]
Deleted : RP #166 [installed Java 7 Update 17 | 03/14/2013 21:06:53]
Deleted : RP #167 [Windows Update | 03/19/2013 02:19:29]
Deleted : RP #168 [Windows Update | 03/22/2013 08:26:39]
Deleted : RP #169 [Windows Update | 03/26/2013 06:00:20]
Deleted : RP #170 [Windows Update | 03/29/2013 21:43:32]
Deleted : RP #171 [instalado OSCAR Editor | 04/01/2013 18:46:04]
Deleted : RP #172 [Windows Update | 04/02/2013 20:45:34]
Deleted : RP #173 [P | 04/03/2013 01:15:45]
New restore point created !
########## - EOF - ##########
Hello! xterminow
|- Nothing more to do here! Everything OK?
Regards!
It has improved quite a bit. Since I'm working, I haven't yet been able to stop and really see how the laptop is doing; in a few days I'll report back on its condition, OK?!
Thank you very much for the attention and the explanations!
> It has improved quite a bit. Since I'm working, I haven't yet been able to stop and really see how the laptop is doing; in a few days I'll report back on its condition, OK?!
> Thank you very much for the attention and the explanations!
Ok! Make your observations.
A+
PROBLEM SOLVED
If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
Good afternoon! xterminow
|- Download: < http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner > ( ... by Xplode )
|- Once on the page, click the download image.
|- Ps: If you use the IE9 browser, disable the "SmartScreen" filter.
|- Save it to the desktop!
|- Right-click adwcleaner.exe and choose to run it as administrator.
|- Ps: Start the scan by clicking "Remove".
|- When finished, post the report: C:\AdwCleaner[S1].txt
-/-
|- Download: | ZHPDiag2: ftp://zebulon.fr/ZHPDiag2.exe | ( ... by Nicolas Coolman )
|- Save it to the desktop!
|- Disable your antivirus and run "ZHPDiag2.exe" to install the tool.
|- Confirm all the steps while installing ZHPDiag.
|- Finish the installation by clicking "Termine".
|- Ps: After installation, besides ZHPScript, the following will be available on the desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
|- Click the scroll icon. ( ZHPScript )
|- Click the green arrow to update it and/or download its latest definition. ( Your version is update. )
|- Enable all the diagnostic options by clicking "Options".
|- Click All.
|- Then uncheck the boxes numbered O45, O61, O62, O65, O82.
|- Click "Calendar" and choose 30 days!
|- Click the UAC button to disable this protection.
|- Start the scan by clicking the magnifying-glass icon. ( Start Diagnosis )
|- When finished, click "Save Report".
|- Save it in a convenient location! ( ZHPDiag.txt )
|- Ps: Do not post this text file directly.
|- Send it to Pjjoint.malekal ( http://forum.imasters.com.br/topic/452207-pjjointmalekal-hospedagem-inteligente/ ) by clicking the blue arrow!
|- Or go to: http://cjoint.com/
|- Or go to: http://imgbox.com/abmdaZsE
|- More information: < http://forum.imasters.com.br/topic/452911-myfiletk-cjoint/ >
A+